Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/iKtX0xR3cj93jiNQAUr2xJX3SuY.roa
File:                     iKtX0xR3cj93jiNQAUr2xJX3SuY.roa (raw, json)
Hash identifier:          in9n5g+B+vIlDp6rzVheY0dw14al1oSExujDe/a+Adw=
Subject key identifier:   88:AB:57:D3:14:77:72:3F:77:8E:23:50:01:4A:F6:C4:95:F7:4A:E6
Certificate issuer:       /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial:       3B302355
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/iKtX0xR3cj93jiNQAUr2xJX3SuY.roa
Signing time:             Wed 16 Mar 2022 09:47:12 +0000
ROA not before:           Wed 16 Mar 2022 09:47:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8412
IP address blocks:        86.62.32.0/22 maxlen: 24
                          94.16.18.0/23 maxlen: 24
                          94.16.28.0/23 maxlen: 24
                          185.81.210.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 993010517 (0x3b302355)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
        Validity
            Not Before: Mar 16 09:47:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=88ab57d31477723f778e2350014af6c495f74ae6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ad:cd:b4:66:0f:7b:bd:9b:33:d2:8f:a6:56:
                    48:9b:0b:8e:4d:25:41:30:dd:c9:9b:7a:c7:53:00:
                    d9:88:96:20:a0:46:89:40:c6:bd:6a:ff:7a:12:1b:
                    db:0f:1e:8f:3f:93:eb:cd:36:8e:69:31:c7:95:66:
                    d2:47:da:62:34:46:c1:67:49:62:25:05:ac:7e:b8:
                    83:67:b2:88:08:a5:31:b5:d7:f8:99:ac:d5:d1:5f:
                    1a:f5:85:5d:98:e0:1d:27:60:04:a8:6a:3d:9c:f6:
                    0b:65:62:a2:10:23:0f:f3:47:bb:5f:b6:a2:2f:cc:
                    77:e4:cc:10:39:c2:a5:6f:43:bd:e1:d0:61:cc:9f:
                    db:6d:ee:ed:a3:52:ab:ea:7b:73:06:5c:1b:fc:66:
                    82:1f:f9:51:18:f6:9c:bb:3b:88:cb:9f:19:6a:01:
                    9e:d9:5f:86:9f:6c:92:27:ac:01:4d:1d:7e:cf:81:
                    eb:11:7e:d0:aa:30:0e:e2:24:6a:16:59:bf:0c:61:
                    60:b2:e1:44:18:61:88:1b:ac:92:d3:06:35:cf:53:
                    69:e0:48:10:7e:ed:64:8c:6d:88:03:4d:d5:b6:75:
                    7e:58:92:3c:3c:79:d0:59:05:93:c8:18:8f:c8:0d:
                    22:85:32:15:32:ae:05:3f:28:20:71:df:e7:68:39:
                    8f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:AB:57:D3:14:77:72:3F:77:8E:23:50:01:4A:F6:C4:95:F7:4A:E6
            X509v3 Authority Key Identifier:
                keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/iKtX0xR3cj93jiNQAUr2xJX3SuY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.62.32.0/22
                  94.16.18.0/23
                  94.16.28.0/23
                  185.81.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:05:e7:77:19:4d:17:89:c7:72:85:4c:ff:26:62:5b:8b:11:
         5d:47:24:dc:f1:42:ce:bf:67:84:08:af:20:7f:4e:ec:8c:3d:
         44:cd:ba:c1:97:63:13:51:57:13:9b:1b:de:36:24:5e:18:30:
         c7:57:33:e5:cd:3f:ba:17:09:32:28:46:4e:12:ff:67:e7:c1:
         7d:24:df:bb:56:d1:54:93:1f:fd:2b:9d:63:9f:14:32:5e:5a:
         39:16:f4:c4:0d:76:e0:6a:e7:36:90:69:5a:1f:20:58:b5:d6:
         d9:af:e4:85:b6:3f:0a:8e:b6:52:48:2d:fd:2d:4a:e0:c3:09:
         b5:eb:a5:c6:b4:87:15:51:5a:f0:7e:93:db:c1:be:f0:ef:c9:
         b3:e8:08:b5:6f:cb:c8:01:67:f6:c3:c2:f1:ce:1e:5d:57:41:
         1e:83:5e:86:42:94:71:6d:8c:9f:76:14:81:ba:65:a4:91:9a:
         ac:08:4c:01:b2:10:65:e7:34:84:b0:58:99:13:ba:b8:96:d4:
         15:ee:41:51:7f:c1:3c:d5:81:64:d7:d1:bc:bd:04:84:82:5b:
         96:65:ae:5e:1b:4c:d0:11:5e:d4:f8:d6:dc:4e:1a:50:26:82:
         52:e0:29:83:9a:1e:37:4c:90:8b:82:b1:c5:e2:c6:df:8d:0b:
         68:c3:aa:31
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEOzAjVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTM5YWZlYmFjZTg5OWE4ZWUwYmI0ZjhiYjQ0NzVmZTI0N2ExNTI4MB4XDTIyMDMx
NjA5NDcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhhYjU3ZDMxNDc3
NzIzZjc3OGUyMzUwMDE0YWY2YzQ5NWY3NGFlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALytzbRmD3u9mzPSj6ZWSJsLjk0lQTDdyZt6x1MA2YiWIKBG
iUDGvWr/ehIb2w8ejz+T6802jmkxx5Vm0kfaYjRGwWdJYiUFrH64g2eyiAilMbXX
+Jms1dFfGvWFXZjgHSdgBKhqPZz2C2ViohAjD/NHu1+2oi/Md+TMEDnCpW9DveHQ
Ycyf223u7aNSq+p7cwZcG/xmgh/5URj2nLs7iMufGWoBntlfhp9skiesAU0dfs+B
6xF+0KowDuIkahZZvwxhYLLhRBhhiBusktMGNc9TaeBIEH7tZIxtiANN1bZ1fliS
PDx50FkFk8gYj8gNIoUyFTKuBT8oIHHf52g5j7cCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSIq1fTFHdyP3eOI1ABSvbElfdK5jAfBgNVHSMEGDAWgBSlOa/rrOiZqO4L
tPi7RHX+JHoVKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BUbXY2NnpvbWFqdUM3VDR1MFIxX2lSNkZTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvOThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8x
L2lLdFgweFIzY2o5M2ppTlFBVXIyeEpYM1N1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
OThjNGVlLTJmNTktNDVhNy1hZGI2LTc0MTM5NTkxMzEyZS8xL3BUbXY2NnpvbWFq
dUM3VDR1MFIxX2lSNkZTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlY+IAMEAV4QEgMEAV4QHAMEAblR
0jANBgkqhkiG9w0BAQsFAAOCAQEAsgXndxlNF4nHcoVM/yZiW4sRXUck3PFCzr9n
hAivIH9O7Iw9RM26wZdjE1FXE5sb3jYkXhgwx1cz5c0/uhcJMihGThL/Z+fBfSTf
u1bRVJMf/SudY58UMl5aORb0xA124GrnNpBpWh8gWLXW2a/khbY/Co62Ukgt/S1K
4MMJteulxrSHFVFa8H6T28G+8O/Js+gItW/LyAFn9sPC8c4eXVdBHoNehkKUcW2M
n3YUgbplpJGarAhMAbIQZec0hLBYmRO6uJbUFe5BUX/BPNWBZNfRvL0EhIJblmWu
XhtM0BFe1PjW3E4aUCaCUuApg5oeN0yQi4KxxeLG340LaMOqMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:51 2024 by rpki-client on console-ams.rpki-client.org